Code injection

era-compiler-vyper is the EraVM Vyper compiler for zkSync Era, a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. Prior to era-compiler-vype version 1.3.10, a bug prevented the initialization of the first immutable variable for Vyper contracts meeting certain criteria. The proble...

Lack of flexibility in updating cycle length leading to potential contract redeployment.

Lines of code Vulnerability details Impact function cycleOfuint32 timestamp private view returns uint32 cycle unchecked return timestamp / cycleSecs + 1; and function currCycleStart private view returns uint32 timestamp uint32 currTimestamp = currTimestamp; // slither-disable-next-line weak-prng...

Upgraded Q -> M from #258 [1674661917738]

Judge has assessed an item in Issue 258 as M risk. The relevant finding follows: L-03 Use of deprecated functions Impact The contract uses deprecated function latestAnswer. Such functions might suddenly stop working if no longer supported. Impact: Deprecated API stops working. Prices cannot be...

VotingEscrow Ownership Management Lacks Basic Protections

Lines of code Vulnerability details Impact A comment saying "Owner should always be a timelock contract" is not sufficient protection for something as critical as ownership. There should be: a zero address check on addr a propose/transfer method of ownership transfer, not a unilateral transfer...

GHSA-GWJ5-WP6R-5Q9F Cronos vulnerable to DoS through unintended Contract Selfdestruct

In Cronos nodes running versions before v0.7.0, the contract selfdestruct invocation permanently removes the corresponding bytecode from the internal database storage. However, due to a bug in Ethermint, all contracts that used the identical bytecode i.e shared the same CodeHash will also stop...

Use of deprecated Chainlink's latestAnswer API

Handle UncleGrandpa925 Vulnerability details Issue In EIP1271Wallet.sol, the function validateOrder uses the deprecated latestAnswer of Chainlink. This function might suddenly stop working if Chainlink stopped supporting it, and also will not error if no answer has been reached but returns 0...

Use of deprecated Chainlink API

Handle 0xRajeev Vulnerability details Impact The contract uses Chainlink’s deprecated API latestAnswer. Such functions might suddenly stop working if Chainlink stopped supporting deprecated APIs. Impact: Deprecated API stops working. Prices cannot be obtained. Protocol stops and contracts have to...

finalize is susceptible to front-running leading to DoS and contract redeployment

Handle 0xRajeev Vulnerability details Impact PostAuctionLauncher finalize has removed the requirement of admin-only finalize as noted in the function comment and lets anyone call it. This makes it susceptible to front-running by anyone when tokens token1 or token2 are yet to be added to pool. The...

Use of deprecated Chainlink API

Handle 0xRajeev Vulnerability details Impact The contracts use Chainlink’s deprecated API latestAnswer. Such functions might suddenly stop working if Chainlink stopped supporting deprecated APIs. Impact: Deprecated API stops working. Prices cannot be obtained. Protocol stops and contracts have to...

Test configuration carryover to production deployment limits pool users to 5

Handle 0xRajeev Vulnerability details Impact The project uses a data structure for indexing ticket tokens/users called SortitionSumTreeFactory which as explained in the overview video time 14:20-14:50 is used to capture users’ token balances in the leaves where internal nodes represent their sums...

Critical uberOwner address changes should be a two-step process

Handle 0xRajeev Vulnerability details Impact As specified, uberOwners of Factory, Orderbook and Treasury have the highest privileges in the system because they can upgrade contracts of market, Nfthub, order book, treasury, token and factory which form the critical components of the protocol. The...

USDV functions can be called before initialization in init() of USDV.sol

Handle 0xRajeev Vulnerability details Impact All the external/public functions of USDV.sol can be called by other contracts even before USDV.sol contract is initialized. This can lead to exceptions, state corruption or incorrect accounting in other contracts, which may require redeployment of...

Initialization can be front-run in DAO.sol

Handle 0xRajeev Vulnerability details Impact Given the public access, this is susceptible to front-running by an attacker who can initialize this with arbitrary assets before the deployer. Reinitialization will require contract redeployment because initialization can be done only once. Reference:...

Initialization can be front-run in USDV.sol

Handle 0xRajeev Vulnerability details Impact Given the public access, this is susceptible to front-running by an attacker who can initialize this with arbitrary assets before the deployer. Reinitialization will require contract redeployment because initialization can be done only once. Reference:...